Devin Price on migrating to Digital Ocean

Devin from recently published a great tutorial on migrating to Digital Ocean.

I’ve become a huge fan of Digital Ocean, to the point that the only WordPress hosting I’d recommend is either that (or very similar provider like Linode), or going with a managed WordPress host like WPEngine, Flywheel, Kinsta, Pressable, etc.

Shared hosting is nice and easy and safe, but there’s just too much cruft around to ever be considered close to a “WordPress optimized” environment. But it can be sufficient for some.

Price-wise and power-wise, you’re not going to get any more bang for your buck than something like Digital Ocean or Linode.

Plus, it opens up the option of a more advanced infrastructure, like a separate database server, load balancing, and the like.

With management and all that includes (updates, security, backups, etc.), the managed WP hosts I’ve listed above are a total bargain.

I have a bit of a different method of building a WordPress server, but for starters I’d add this to Devin’s tutorial:

  • Use another user other than root. At the very least install Fail2Ban to prevent bruteforce attacks. This tutorial from Digital Ocean covers those initial server setup basics. It’s an unmanaged provider so they’re generally not going to help you clean up an infection like a managed WP host, so taking basic precautions is a must.

  • I like to store my files in a private BitBucket repository, which eliminates the step of scp’ing your files over. All you need is a git clone. And there are other benefits of storing your code off-site in version control as well.

  • Not sure if EasyEngine includes a mail server, but outsourcing email accounts to something like Google Apps or Zohomail is a good idea. And transactional email to Mandrill (which has a super easy to use WordPress plugin, btw). I prefer to keep all email off the server to preserve as many resources as possible for web serving.

  • Using WP CLI is probably one of the favorite parts about running my own servers. A lot of the time I don’t even bother logging into WordPress, rather just managing stuff with WP CLI. The “wp db import filename.sql” command can replace the MySQL command line database import stuff in Devin’s tutorial.

Any other thoughts?

Oh and don’t forget to vote in the WPChat-official best WordPress hosting poll where “Custom setup on an unmanaged cloud server provider (Digital Ocean, Linode)” is currently in the lead. :smiley:

1 Like

Hi Leland. Thanks linking the post and adding some of your thoughts.

Switching to user other than root is a really good idea. I’ll see how this is done and update the tutorial.

When storing files in BitBucket, do you version control items separately (theme, etc), the entire wp-content directory, or the entire install?

Easy Engine does not provide a mail server. They also offer a few solutions on their website.

WP CLI is actually installed by default with Easy Engine, so you could use that as well.

This is my first time setting up sites on DigitalOcean site (and I’ve only had it up a week). Is there anything else I need to look out for in day to day operation?

Hey Devin, thanks for joining! Not a problem, I thought it was an interesting resource to share and want to encourage more people to step outside the box of shared hosting.

This tutorial covers it well, although it might differ depending on your OS. This one was written for Ubuntu 14.04.

It’s also worth noting that it’s possible to completely lock yourself out of the server if you’re not careful. One of the safety nets of allowing root logins is you can still reset your root password via the DO control panel. But there’s an inherent security risk with that. Has its pros and cons.

I do the entire install. Although just doing wp-content would make sense too (and then just use “wp core download” to get the rest of the WP stuff).

I guess it’s more of a personal preference than anything, I just like the idea of having my entire site cloneable at any given time in the event that the server dies or something (not that that’s happened before).

I’m relatively new to it as well, but a few things I’ve noticed so far:

  • Ubuntu get updates a lot, some of which for security. If you get a message when ssh’ing saying something like “x packages are available for update. x are security updates.” run the command “sudo apt-get dist-upgrade” to get all of those updates.

  • Hasn’t been a problem yet, but it looks like all access and error logs are just stored on the server and not deleted, which could take up a lot of disk space if not kept in check.

  • I like to keep a fresh snapshot handy just in case the hypervisor fails or something, or before any major server changes, so I can easily spin up a new droplet with the same server configuration if needed.

You really shouldn’t be logging in as root. You should have an account with regular permissions and then use sudo to do what needs to be done as root. If you really want to be logged in as root, you should log in as your regular account and su root.

1 Like

Did not know that before. Cool. I haven’t dive into DO-type of installation but may do so next year. So, thanks for writing up this tutorial @devinsays, and for adding to it @leland. :wink:

Quick rookie question: possible to host more than one domain / WP installation on a single droplet?.. I’m currently on MediaTemple Grid for most of my personal and probono projects, but may consider moving into something like DO if it’s ‘easy’ enough to juggle with for multiple sites.

It definitely is possible!

For Nginx, “server blocks” are the equivilant of Apache virtual hosts. Follow this tutorial for Ubuntu 14.04. I also put up a server block automator script on GitHub so you don’t have to go through each of those steps manually.But I’d recommend doing it manually once at first just so you have a better idea of what’s going on.

That script assumes you’re using HHVM for PHP processing instead of PHP-FPM, this tutorial has more info on installing HHVM.

If you’re going with the $5 droplet, I’d recommend Nginx over Apache, as well as keeping all email-related programs off the server, and otherwise keeping things as minimal as possible.

It’s a learning curve but Digital Ocean makes it really easy to spin things up without making too much of a financial commitment while you figure things out.

I have a 512 MB RAM server set up now with a bunch of sites on it using Nginx/HHVM to run WordPress, although these are all low-traffic personal/probono-like things as well. I’d imagine if you cram too many sites on it you might need a RAM upgrade to cover it but I haven’t noticed any issues yet.

I understand the argument for this regarding desktops, but is it really necessary for a server If I’m the only one with access?

It’s just best practice. Unless you’re doing something that you need to be root to do, it’s best not be logged in as root.

The Unix command line is very powerful and it’s not all that difficult to make a mistake and do a lot of damage. If you’re not root, then the extent of that possible damage is limited.